The secure data network of a company is a critical component of day-to-day functioning of company business activities. One of the crucial operations of a secure data network is proper access control for a user.
Existing methods for access control to a secure data network are based on a user identity, such as a user name or an employee number, or based on a role associated with the user identity. For example, Roger Singleton's user identity “C12756013” associates with a role of a field support engineer. In another example, Verna Simpson's user identity “verna.simpson” associates with a role of a marketing manager. In one more example, Kimberly Nguyen's user identity “DC201319N” associates with a role of a human resources representative.
With the growing complexity of secure data networks, the variety of business activities conducted via the secure data networks, and particularly the diversity of locations for a user to access the secure data networks, access control based on user identity or its associated role is no longer adequate. For example, a user can access the secure data network of a company from within the company, from home via a public data network such as the Internet, or from a vacation resort via a cellular data network, such as a General Packet Radio Service (GPRS) network.
In one scenario, Kimberly uses her desktop computer in her office to access confidential salary information from the company's secure data network. During lunch time, she takes her laptop computer to a patio outside the company building and has lunch with several co-workers. As she continues her work during lunch, her co-workers walking past her accidentally see the salary information. Although the patio is a much less secure environment physically, compared to her office, Kimberly is nonetheless able to access the same sensitive information from the secure data network.
In another scenario, Verna of Company A visits Company B. She uses her laptop computer to access Company A's secure data network via a network of Company B. She accesses a confidential competitive marketing analysis to prepare for a meeting. In this scenario, the confidential information passes through the network of Company B, increasing the risk of leaking important marketing information of Company A to Company B. Likewise, although the network of Company B is a much less secure environment strategically and electronically, as viewed by and in comparison to that of Company A, Verna is nonetheless able to access the same sensitive information from the secure data network.
The above examples represent a security problem for a secure data network of a company, and they indicate the need for providing a solution for differential secure data network access control based on the network access point. Some work-arounds have been created to address related scenarios, but such work-arounds typically address only narrow aspects of the issue. For instance, one such work-around involves the use of wireless text pagers, such as Blackberry™ devices, that receive and send email from the user's company email account. Assuming that Company A provides Verna with a Blackberry™ to receive and send email using her Company A email account, Company A may still not want Verna to receive or send information confidential to Company A via email on her Blackberry™ device.
To help achieve Company A′s desired result, Company A may implement a policy instructing its employees to electronically designate their emails as “Normal,” “Confidential,” “Private,” or “Personal,” as is possible using many email applications, such as MS Outlook™. In addition, Company A may configure its Blackberry™ email re-routing software so that emails electronically designated as “Confidential” are not sent (“pushed”) to Verna's Blackberry™ device, while nonetheless pushing all Verna's other emails to her device. Likewise, Verna may be prevented from sending an email from her device that she designates as “Confidential.” Emails designated as “Confidential” will, as usual, be available from Company A's secure data network, irrespective of where Verna may log-on with her laptop. However, such a work-around is only as good as the implementation of the underlying policy, placing significant reliance on the cooperation of Company A employees to properly designate emails, not to mention Company A's inability to police emails from business partners that may send mutually confidential information to Verna without electronically designating it as “Confidential.”